Skip to content

Commit 3b9ea9c

Browse files
mplsgrantmplsgrant
committed
provide users with appropriate access to resources
Users need access to a number of resources so that they can run scenarios.
1 parent 242620b commit 3b9ea9c

File tree

3 files changed

+76
-4
lines changed

3 files changed

+76
-4
lines changed

resources/charts/namespaces/values.yaml

+25-1
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,32 @@ roles:
99
- apiGroups: [""]
1010
resources: ["pods"]
1111
verbs: ["get", "list", "watch"]
12+
- apiGroups: [""]
13+
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
14+
verbs: ["get"]
15+
- apiGroups: [""]
16+
resources: ["configmaps", "secrets"]
17+
verbs: ["get"]
18+
- apiGroups: [""]
19+
resources: ["persistentvolumeclaims"]
20+
verbs: ["get", "list"]
21+
- apiGroups: [""]
22+
resources: ["events"]
23+
verbs: ["get"]
1224
- name: pod-manager
1325
rules:
1426
- apiGroups: [""]
1527
resources: ["pods"]
16-
verbs: ["get", "list", "watch", "create", "update", "delete"]
28+
verbs: ["get", "list", "watch", "create", "delete", "update"]
29+
- apiGroups: [""]
30+
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
31+
verbs: ["get", "create"]
32+
- apiGroups: [""]
33+
resources: ["configmaps", "secrets"]
34+
verbs: ["get", "create"]
35+
- apiGroups: [""]
36+
resources: ["persistentvolumeclaims"]
37+
verbs: ["get", "list"]
38+
- apiGroups: [""]
39+
resources: ["events"]
40+
verbs: ["get"]

resources/namespaces/two_namespaces_two_users/namespace-defaults.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -12,5 +12,5 @@ roles:
1212
- name: pod-manager
1313
rules:
1414
- apiGroups: [""]
15-
resources: ["pods"]
15+
resources: ["pods", "configmaps"]
1616
verbs: ["get", "list", "watch", "create", "update", "delete"]

resources/namespaces/two_namespaces_two_users/namespaces.yaml

+50-2
Original file line numberDiff line numberDiff line change
@@ -14,11 +14,35 @@ namespaces:
1414
- apiGroups: [""]
1515
resources: ["pods"]
1616
verbs: ["get", "list", "watch"]
17+
- apiGroups: [""]
18+
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
19+
verbs: ["get"]
20+
- apiGroups: [""]
21+
resources: ["configmaps", "secrets"]
22+
verbs: ["get"]
23+
- apiGroups: [""]
24+
resources: ["persistentvolumeclaims"]
25+
verbs: ["get", "list"]
26+
- apiGroups: [""]
27+
resources: ["events"]
28+
verbs: ["get"]
1729
- name: pod-manager
1830
rules:
1931
- apiGroups: [""]
2032
resources: ["pods"]
21-
verbs: ["get", "list", "watch", "create", "update", "delete"]
33+
verbs: ["get", "list", "watch", "create", "delete", "update"]
34+
- apiGroups: [""]
35+
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
36+
verbs: ["get", "create"]
37+
- apiGroups: [""]
38+
resources: ["configmaps", "secrets"]
39+
verbs: ["get", "create"]
40+
- apiGroups: [""]
41+
resources: ["persistentvolumeclaims"]
42+
verbs: ["get", "list"]
43+
- apiGroups: [""]
44+
resources: ["events"]
45+
verbs: ["get"]
2246
- name: warnet-blue-team
2347
users:
2448
- name: mallory
@@ -34,8 +58,32 @@ namespaces:
3458
- apiGroups: [""]
3559
resources: ["pods"]
3660
verbs: ["get", "list", "watch"]
61+
- apiGroups: [""]
62+
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
63+
verbs: ["get"]
64+
- apiGroups: [""]
65+
resources: ["configmaps", "secrets"]
66+
verbs: ["get"]
67+
- apiGroups: [""]
68+
resources: ["persistentvolumeclaims"]
69+
verbs: ["get", "list"]
70+
- apiGroups: [""]
71+
resources: ["events"]
72+
verbs: ["get"]
3773
- name: pod-manager
3874
rules:
3975
- apiGroups: [""]
4076
resources: ["pods"]
41-
verbs: ["get", "list", "watch", "create", "update", "delete"]
77+
verbs: ["get", "list", "watch", "create", "delete", "update"]
78+
- apiGroups: [""]
79+
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
80+
verbs: ["get", "create"]
81+
- apiGroups: [""]
82+
resources: ["configmaps", "secrets"]
83+
verbs: ["get", "create"]
84+
- apiGroups: [""]
85+
resources: ["persistentvolumeclaims"]
86+
verbs: ["get", "list"]
87+
- apiGroups: [""]
88+
resources: ["events"]
89+
verbs: ["get"]

0 commit comments

Comments
 (0)